SolarWinds uses cookies on our websites to facilitate and improve your online experience. By continuing to use our website, you consent to our use of cookies. For further details on cookies, please see our cookies policy.

SolarWinds SAM port requirements

Table of contents

Review and open ports for SAM to support communication for the Orion server, the main polling engine, Additional Polling Engines (APEs), and Additional Web Servers (AWS). These ports include feature specific requirements including Orion agents, SolarWinds High Availability (HA), and component monitors and templates.

Ports 4369, 25672, and 5672 are opened by default on the main server for RabbitMQ messaging. These ports can be blocked by the firewall. If using High Availability, make sure port 4369 is open.

If your devices do not use the default syslog port to send messages, you must also modify the Orion server to listen to that port.

Port

Protocol

Service/
Process

Direction

Description

Encryption

12

UDP

SNMP Informs

Bidirectional

Receive trap messages

n/a

user-defined, default: 22

SSH

SolarWinds Job Engine v2

IIS

Bidirectional

Port for accessing ASA devices through the CLI

Device-based

25

TCP

SolarWinds Alerting Service V2

Outbound

SMTP port for non-encrypted messages

n/a

53

UDP

SolarWinds Job Engine v2

Bidirectional

Resolving DNS queries

n/a

80

TCP

IIS

Inbound

Default additional web server port. If you specify any port other than 80, you must include that port in the URL used to access the web console. For example, if you specify an IP address of 192.168.0.3 and port 8080, the URL used to access the web console is http://192.168.0.3:8080. Open the port to enable communication from your computers to the Orion Web Console.

The port might also be used for Cisco UCS monitoring.

n/a

161

UDP

SolarWinds Job Engine v2

SolarWinds Cortex

Bidirectional

Send and receive SNMP information

SNMP v1 and v2 are unencrypted. SNMP v3 uses AES & 3DES encryption.

162

UDP

SolarWinds Trap Service

Inbound

Receive trap messages

n/a

443

TCP

IIS

Inbound

Default port for https binding.

SSL

465

TCP

SolarWinds Alerting Service V2

Outbound

SMTP port used to send TLS-enabled email alert actions

SSL

514

UDP

SolarWinds Syslog Service

Inbound

Receive syslog messages

n/a

587

TCP

SolarWinds Alerting Service V2

Outbound

SMTP port used to send TLS-enabled email alert actions

TLS

1433

TCP

SolarWinds Alerting Service V2

SolarWinds Administration Service

SolarWinds Information Service

SolarWinds Information Service V3

SolarWinds Orion Module Engine

Outbound

Communication between the SolarWinds server and the SQL Server.

n/a

1434

UDP

SolarWinds Alerting Service V2

SolarWinds Administration Service

SolarWinds Information Service

SolarWinds Information Service V3

SolarWinds Orion Module Engine

Outbound

Communication with the SQL Server Browser Service to determine how to communicate with certain non-standard SQL Server installations. For more information, see this Microsoft Technet article.

For encrypted RabbitMQ messaging (AMQP/TLS) into the main polling engine from all Orion servers.

Sending messages to RabbitMQ.

TLS 1.2

17777

TCP

SolarWinds Orion Module Engine

SolarWinds Information Service

SolarWinds Information Service V3

SolarWinds Cortex

Bidirectional

Communication between services and SolarWinds Orion module traffic.

Communication between the Orion Web Console and the polling engine.

Communication between the main server and pool members.

RSA handshake, AES 256 communication using WCF

TLS 1.2 with Cortex

17778

HTTPS

SolarWinds Agent

Inbound to the Orion server

Required for access to the SWIS API and agent communication

SSL

Agents

The following ports are used by the SolarWinds Orion agent.

Port

Type

Direction

Encryption

Description

22

TCP

bidirectional

Used to install the agent on Linux computers through SSH and SFTP or SCP. Open this port for outbound connections on the Orion server or additional polling engings and inbound connections on the monitored computer.

135

TCP

inbound

(DCE/RPC Locator service) Microsoft EPMAP. This port must be open on the client computer for remote deployment.

Active directory, RPC and SMB protocol ports are used by Orion Poller Agent installer to connect to Windows OS and to deploy Windows Agent.

445

TCP

inbound

Microsoft-DS SMB file sharing. This port must be open on the client computer (inbound) for remote deployment.

Active directory, RPC and SMB protocol ports are used by Orion Poller Agent installer to connect to Windows OS and to deploy Windows Agent.

17778

TCP

bidirectional

SSL, TLS 1.0 or later

Send and receive information from Windows and Linux devices polled by agents using agent-initiated communication. Used to deploy agents.

Important: This requirement is for Active agents only. If Passive agents are used, no ports need to be opened on the firewall for the Orion server. For more information, see Changing the Agent Port.

17790

TCP

bidirectional

SHA1 certificate, TLS 1.0 or later

Used by the agent to communicate with the Orion server when the agent is in server-initiated communication mode.

In Passive mode, port 17790 must be opened on the host where the agent is installed and allowed by the firewall.

17791

TCP

bidirectional

Used by the agent to communicate with the Orion server when the agent is in agent-initiated communication mode. This port must be opened if the reomte computers you monitor run Windows 2008 R2.

High Availability

The following ports are used in addition to ports used by your primary products when you enable High Availability.

Port

Protocol

Service/
Process

Direction

Description

53

UDP

SolarWinds High Availability Service

outbound

Used when failing over with a virtual hostname to update the virtual hostname's DNS entry and for periodic monitoring.

4369

TCP

RabbitMQ

bidirectional

Port 4369 must be open between the main and secondary servers to allow RabbitMQ clustering between the two servers. These ports exchange EPMD and Erlang distribution protocol messages for RabbbitMQ. They do not need to be open in additional polling engine pools.

5671

TCP

SolarWinds High Availability

bidirectional

Port 5671 must be open into the HA pool with the main Orion server from all Orion servers. Traffic is encrypted using TLS 1.2.

17777

TCP

SolarWinds installer

bidirectional

Used when installing the standby server software. You can close this port after installation.

25672

TCP

RabbitMQ

bidirectional

Port 25672 must be open between the main and secondary servers to allow RabbitMQ clustering between the two servers. These ports exchange EPMD and Erlang distribution protocol messages for RabbbitMQ. They do not need to be open in additional polling engine pools.

This field is the port number used for HTTP forms-based login sessions.

HTTPS Monitor

443

The port used by the web site.

IMAP4 Monitor

143

IMAP4 User Experience Monitor

143 and 993

IMAP4

This component monitor uses these ports when used with a Microsoft Exchange mail server.

IMAP4 User Experience Monitor

25

SMTP

This component monitor uses these ports when used with a Microsoft Exchange mail server.

IMAP4 Port sessions

143

IMAP4

This field is the port number used for IMAP 4 sessions.

IMAP4 Port sessions

585

IMAP4

For Secure IMAP (IMAP4-SSL), use port 585.

IMAP4 Port sessions

993

IMAP4

For IMAP4 over SSL (IMAPS), use port 993.

LDAP User Experience Monitor

389

The port used for LDAP connections.

LDAP User Experience Monitor

636

For LDAP over SSL, use port 636.

Linux/Unix Script Monitor Ports

22

This field allows you to specify the port number used for the SSH connection.

NNTP Monitor

119

UDP

This field is the port number used for NNTP connections.

ODBC User Experience Monitor

1630

TCP

This component monitor uses port TCP/1630.

Oracle User Experience Monitor

1521

TCP

The Oracle SQL*Net Listener allows Oracle client connections to the database over Oracle's SQL*Net protocol. You can configure it during installation. To reconfigure this port, use Net Configuration Assistant.

Oracle User Experience Monitor

1526

TCP

The Oracle SQL*Net Listener allows Oracle client connections to the database over Oracle's SQL*Net protocol. You can configure it during installation. To reconfigure this port, use Net Configuration Assistant.

Performance Counter Monitor

See description

TCP

This monitor uses RPC, requiring the following ports:

TCP/135

RPC/named pipes (NP) TCP 139

RPC/NP TCP 445

RPC/NP UDP 137

RPC/NP UDP 138

POP3 Monitor
POP3 User Experience Monitor

110 (default)

This field is the port number used for POP3 connections.

POP3 Monitor
POP3 User Experience Monitor

995

For Secure POP3 (SSL-POP) use port 995.

POP3 User Experience Monitor
SMTP Monitor

25

SMTP

This component uses port 25 for SMTP sessions.

SMTP Monitor

465

SSMTP

For Secure SMTP (SSMTP), use port 465.

POP3 Monitor

See Description

This component monitor uses the following ports when used with a Microsoft Exchange mail server.

102 X.400 MTA

110 POP3

119 NNTP

143 IMAP4

389 LDAP

563 POP3 over SSL

636 LDAP over SSL

993 IMAP4 over SSL

995 Secure POP3 over SSL

POP3 User Experience Monitor

110 (default)

This field is the port number used for POP3 sessions. The default value is 110. For Secure POP3 (SSL-POP) use port 995. It also uses an SMTP Port, port 25 for SMTP sessions.

Process Monitor

SNMP

This component monitor uses SNMP communication.

Process Monitor WMI

Uses WMI communication to test if the specified Windows process is running and uses RPC communication to test if the specified Windows process is running.

RADIUS User Experience Monitor

1812
1645

This field is the RADIUS protocol authentication port. The default value is 1812. Cisco devices may require port 1645. This field is the RADIUS protocol accounting port. The default value is 1813. Cisco devices may require port 1646.

RWHOIS Port Monitor

4321

This template tests the ability of an RWHOIS server to accept incoming sessions on port 4321.

SQL Server User Experience Monitor

1433

This component monitor only works if Microsoft SQL Server is using the default port 1433. If you have a Microsoft SQL Server database that uses a non-standard port, you cannot monitor it using the SQL Server User Experience monitor. You need to use the ODBC User Experience monitor instead to manually define a connection string that will allow you to talk to Microsoft SQL Server on its custom port.

TACACS+User Experience Monitor

49

This field is the TACACS+ protocol connection port. The default value is 49.

Tomcat Server Monitor

8080

This field allows you to specify the port number used by the web site. The default value for this field is 8080.

VMware Performance Counter Monitor

443

Port number to use for VMware API. The default is 443.

ESX Hardware Monitoring

5989

Ensure port 5989 is open on the firewall.

Windows Event Log Monitor

This component monitor uses the following ports:

TCP/135

RPC/named pipes (NP) TCP 139

RPC/NP TCP 445

RPC/NP UDP 137

RPC/NP UDP 138

POP3 User Experience Monitor port 110

SAM template port requirements

Template port requirements vary depending on how you utilize them. The following provides a list of monitor templates that use ports.

Template

Port

Description

Blackberry Delivery Confirmation template

25

Blackberry Delivery Confirmation template uses port 25 on the SMTP server for sending the test email. If the SMTP server uses a different port, change this value.

Finger Port Monitor

79

This template tests the ability of the Finger service to accept incoming sessions on port 79.

Gopher Port Monitor

70

This template tests the ability of a Gopher server to accept incoming sessions on port 70.

IRC Port Monitor

6667

This template tests the ability of an IRC server to accept incoming sessions on port 6667.

Java Application Server (SNMP) template

1161

This template is configured to send SNMP requests on port 1161.

SNPP Port Monitor

444

This template tests the ability of an SNPP server to accept incoming sessions on port 444.

Windows FTP Server (via WMI)

21

This template monitors the Windows FTP Publishing Service and tests the ability of the FTP server to accept incoming sessions on port 21.

SAM WMI Requirements

Microsoft Windows by default uses a random port between 1024 and 65535 for WMI communications. You must create firewall exceptions to allow TCP/UDP traffic on ports 1024 - 65535 or the component monitors and templates that use WMI will not work.